public function chpwd()
{
if ($this->AjaxRequest) {
$user = tSession::getLoginedUserInfo();
$userModel = Model::make("User");
$userObj = $userModel->getUserById($user->id);
if (!($old = $this->post("old"))) {
return $this->renderJson(400, "Missing required parameter:old password!");
}
if (!($newPwd = $this->post("new"))) {
return $this->renderJson(400, "Missing requried parameter:new password");
}
if (!($confirm = $this->post("confirm"))) {
return $this->renderJson(400, "Missing requred parameter:confirm password!");
}
if ($newPwd !== $confirm) {
return $this->renderJson(400, "两次新密码输入不相同!");
}
if (!tPassword::verify($old, $userObj->passwd)) {
return $this->renderJson(400, "原密码不正确!");
}
$userObj->passwd = tPassword::hash($newPwd);
$userObj->save();
return $this->renderJson(["code" => 200, "errmsg" => "ok"]);
}
}
public static function update()
{
$session = Factory::make('session');
//=========== get old cookie key in session ==================
$user_login_key_old = $session->get("_login_cookie_key");
//============ get cookie val in session =====================
$user_login_val = $session->get("_login_cookie_val");
//============= product a new cookie key =====================
$user_login_key = tString::rand(12, tString::ALPHA);
//============== product new cookie val ======================
$user_login_val_hash = tPassword::hash($user_login_val);
//============== store the new cookie in session ============
$session->remove("_login_cookie_key");
$session->set("_login_cookie_key", $user_login_key);
//============== set the new cookie with new key & val =====
setCookie($user_login_key, $user_login_val_hash, time() + 3600, '/');
//============== expire the old cookie ======================
setCookie($user_login_key_old, '', time() - 1, '/');
}
